January 14th, 2005 07:23 PM
I am not sure this helps you, and it is not opensource or free, or even fits into your plan...but it does what you're asking for...
Check Point Secure Client can/does have a local firewall for the users, if configured, and it will block all traffic that isn't specifically for your IP/MAC within those rules. Checkpoint offers a version of ethereal that works with computers running Secure Client, specifically for network admins, security folks, etc.
Personally, I find it to be a big pain in my @ss so I simply disable the firewall and fire up Ethereal. But then again, I have my systems patched and up to date. But it's my @ss I'm risking there. And all it will take is one lucky zero-day vulnerability to ruin my day...
"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore